Файл: forum/files.php
Строк: 48
<?
include_once '../sys/includes/start.php';
include_once '../sys/includes/sess.php';
include_once '../sys/includes/home.php';
include_once '../sys/includes/settings.php';
include_once '../sys/includes/db_connect.php';
include_once '../sys/includes/ipua.php';
include_once '../sys/includes/fnc.php';
include_once '../sys/includes/user.php';
include_once '../sys/includes/downloadfile.php';
if (isset($_GET['id']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_files` WHERE `id` = '".intval($_GET['id'])."'"),0)==1)
{
$file=mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_files` WHERE `id` = '".intval($_GET['id'])."' LIMIT 1"));
if (is_file(H.'sys/forum/files/'.$file['id'].'.frf') && isset($user) && $user['level']>=1 && isset($_GET['del']))
{
if (isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER']!=NULL)
{
$link=$_SERVER['HTTP_REFERER'];
}else{
$link='/index.php';
}
mysql_query("DELETE FROM `forum_files` WHERE `id` = '$file[id]' LIMIT 1");
unlink(H.'sys/forum/files/'.$file['id'].'.frf');
if (isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER']!=NULL)
{
header("Location: $_SERVER[HTTP_REFERER]");
}else{
header("Location: /forum/index.php?".SID);
}
}
else if (is_file(H.'sys/forum/files/'.$file['id'].'.frf'))
{
mysql_query("UPDATE `forum_files` SET `count` = '".($file['count']+1)."' WHERE `id` = '$file[id]' LIMIT 1");
DownloadFile(H.'sys/forum/files/'.$file['id'].'.frf', $file['name'].'.'.$file['ras'],ras_to_mime($file['ras']));
exit;
}
}else{
header("Location: /err.php?".SID);
exit;
}
?>